[android-developers] Re: Running static analysis on an Android device
Hi Daniela, You might want to look at the Kirin Safe installer research paper from Penn state University. McDaniel et al.\ They have a form of static analysis by checking permission combinations at install time. From the paper, you will get an idea of how thing work. cheers, Earlence On Oct 9, 2:21 pm, daniela daniela.anton...@gmail.com wrote: Hi, I am working on a university project which should be completed in 2 months. The aim of the project is to classify Android apps as secure or less so. I am hoping to achieve this by statically analysing apps after they are downloaded and (possibly) before they are installed. The analysis would be simple in the beginning and hopefully get more sophisticated if there is time. As far as I understand, running the analysis on a device would be the greatest difficulty, so my question is: Is this project feasible given the time frame? Also, I would be very grateful for any pointers to relevant information, such as classes in the Android framework which do security checks after an application is downloaded, for example. Thank you very much indeed! daniela -- You received this message because you are subscribed to the Google Groups Android Developers group. To post to this group, send email to android-developers@googlegroups.com To unsubscribe from this group, send email to android-developers+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/android-developers?hl=en
[android-developers] Re: Running static analysis on an Android device
Hey Earlence, Thanks for the pointer, this paper seems useful :) On Oct 11, 8:39 am, Tez earlencefe...@gmail.com wrote: Hi Daniela, You might want to look at the Kirin Safe installer research paper from Penn state University. McDaniel et al.\ They have a form of static analysis by checking permission combinations at install time. From the paper, you will get an idea of how thing work. cheers, Earlence On Oct 9, 2:21 pm, daniela daniela.anton...@gmail.com wrote: Hi, I am working on a university project which should be completed in 2 months. The aim of the project is to classify Android apps as secure or less so. I am hoping to achieve this by statically analysing apps after they are downloaded and (possibly) before they are installed. The analysis would be simple in the beginning and hopefully get more sophisticated if there is time. As far as I understand, running the analysis on a device would be the greatest difficulty, so my question is: Is this project feasible given the time frame? Also, I would be very grateful for any pointers to relevant information, such as classes in the Android framework which do security checks after an application is downloaded, for example. Thank you very much indeed! daniela -- You received this message because you are subscribed to the Google Groups Android Developers group. To post to this group, send email to android-developers@googlegroups.com To unsubscribe from this group, send email to android-developers+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/android-developers?hl=en